How To Make Sure Your Client Isn't The Weak Link In Supply Chain Security
By Trisha Leon, contributing writer
An article in The Guardian, “How to protect your supply chain from cybercrime,” emphasizes the importance of IT security for growing businesses. As companies grow, linking up with new partners, they can encounter new vulnerabilities to cybercrime. With each new connection, the likelihood that a cybercriminal will find a route into not just one company’s system, but the whole network of businesses, increases. Having a complicated supply chain, then, necessitates a large amount of attention to be paid to IT security.
Ramses Galego, international vice president at IT trade body ISACA, says “Ideally, you need to know what everyone in your supply chain is doing by sending your people to make sure you're happy with every partner's security systems,” adding, “That's not always possible for an SME so many will choose to work with a trusted IT supplier who can make their system secure and check out their partners' operations too.”
Sean Sullivan, security advisor at F-Secure Labs, says SMBs are a target for cyber criminals: with less security in place than larger enterprises and with bank accounts that have more money in them than in individuals’ personal accounts. In addition, SMBs need to defend attacks from an increasingly sophisticated enemy. Cyberattacks have evolved from email worms and trojans to organized attacks originating in numerous countries, targeting various markets, and implementing strategic plans to steal data to sell or to hold for ransom. “It’s not widely known how commoditized it is,” Sullivan comments.
Ways to shore up a long supply chain’s defenses are similar to those that make any one company’s system less vulnerable to attack. Security expert Paul Dignan, global technical account manager at F5 Networks, advises SMBs to concentrate on securing their systems through some commonsense security measures, as well as working with experts who know what to protect systems from.
At First Data’s Cybersecurity Symposium, John Watters, CEO of iSIGHT Partners explained creating best-in-class solutions and making them broadly available through managed services providers could benefit business.